package: src:libav version: 6:0.8.16-1 severity: serious tags: security Hi,
the following vulnerabilities were published for libav. CVE-2014-8541[0]: | libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension | differences, and not bits-per-pixel differences, when determining | whether an image size has changed, which allows remote attackers to | cause a denial of service (out-of-bounds access) or possibly have | unspecified other impact via crafted MJPEG data. CVE-2014-8542[1]: | libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID | during enforcement of alignment, which allows remote attackers to | cause a denial of service (out-of-bounds access) or possibly have | unspecified other impact via crafted JV data. CVE-2014-8543[2]: | libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all | lines of HHV Intra blocks during validation of image height, which | allows remote attackers to cause a denial of service (out-of-bounds | access) or possibly have unspecified other impact via crafted MM video | data. CVE-2014-8543[3]: | libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all | lines of HHV Intra blocks during validation of image height, which | allows remote attackers to cause a denial of service (out-of-bounds | access) or possibly have unspecified other impact via crafted MM video | data. CVE-2014-8544[4]: | libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate | bits-per-pixel fields, which allows remote attackers to cause a denial | of service (out-of-bounds access) or possibly have unspecified other | impact via crafted TIFF data. CVE-2014-8545[5]: | libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the | monochrome-black format without verifying that the bits-per-pixel | value is 1, which allows remote attackers to cause a denial of service | (out-of-bounds access) or possibly have unspecified other impact via | crafted PNG data. CVE-2014-8546[6]: | Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 | allows remote attackers to cause a denial of service (out-of-bounds | access) or possibly have unspecified other impact via crafted Cinepak | video data. CVE-2014-8547[7]: | libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute | image heights, which allows remote attackers to cause a denial of | service (out-of-bounds access) or possibly have unspecified other | impact via crafted GIF data. CVE-2014-8548[8]: | Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows | remote attackers to cause a denial of service (out-of-bounds access) | or possibly have unspecified other impact via crafted Quicktime | Graphics (aka SMC) video data. CVE-2014-8549[9]: | libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the | number of channels to at most 2, which allows remote attackers to | cause a denial of service (out-of-bounds access) or possibly have | unspecified other impact via crafted On2 data. CVE-2014-9316[10]: | The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg | before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows | remote attackers to cause a denial of service (out-of-bounds heap | access) and possibly have other unspecified impact via vectors related | to LJIF tags in an MJPEG file. CVE-2014-9318[11]: | The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, | 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to | cause a denial of service (out-of-bounds heap access) and possibly | have other unspecified impact via a crafted .cine file that triggers | the avpicture_get_size function to return a negative frame size. CVE-2014-9319[12]: | The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg | before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows | remote attackers to cause a denial of service (out-of-bounds access) | via a crafted .bit file. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-8541 [1] https://security-tracker.debian.org/tracker/CVE-2014-8542 [2] https://security-tracker.debian.org/tracker/CVE-2014-8543 [3] https://security-tracker.debian.org/tracker/CVE-2014-8543 [4] https://security-tracker.debian.org/tracker/CVE-2014-8544 [5] https://security-tracker.debian.org/tracker/CVE-2014-8545 [6] https://security-tracker.debian.org/tracker/CVE-2014-8546 [7] https://security-tracker.debian.org/tracker/CVE-2014-8547 [8] https://security-tracker.debian.org/tracker/CVE-2014-8548 [9] https://security-tracker.debian.org/tracker/CVE-2014-8549 [10] https://security-tracker.debian.org/tracker/CVE-2014-9316 [11] https://security-tracker.debian.org/tracker/CVE-2014-9318 [12] https://security-tracker.debian.org/tracker/CVE-2014-9319 Please adjust the affected versions in the BTS as needed. _______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
